package com.totoro.oauth.demo.controller;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

import java.util.ArrayList;
import java.util.List;

/**
 * Created by Niki on 2018/7/26 19:15
 */
@RestController
@RequestMapping("/")
public class UserController {
    /**
     * 查询所用用户
     * @return
     */
    @GetMapping("/users")
    @PreAuthorize("hasAuthority('ROLE_USER')")  // 指定角色权限才能操作方法
    public ModelAndView list(Model model) {

        List<User> list = new ArrayList<>();    // 当前所在页面数据列表
        list.add(new User("waylau",29));
        list.add(new User("老卫",30));
        model.addAttribute("title", "用户管理");
        model.addAttribute("userList", list);
        return new ModelAndView("users/list", "userModel", model);
    }

}
